toddouska
2d13a43e71
Merge pull request #3819 from elms/fix/nightly_g++
...
ssl: fix g++ compile warning with explicit cast
2021-02-25 16:04:05 -08:00
Elms
afbe3607d7
ssl: fix g++ compile warning with explicit cast
...
cast OpenSSL callback to `void*` for storage as context to be used by
static callback
2021-02-25 11:01:16 -08:00
Sean Parkinson
d271092aef
ASN: move wolfSSL_i2d_X509_NAME to ssl.c
...
Move WOLFSSL_X509_NAME APIs out of asn.[ch].
2021-02-25 11:45:12 +10:00
toddouska
94a23c1d48
Merge pull request #3646 from julek-wolfssl/nginx-1.19.6
...
Add support for Nginx 1.19.6
2021-02-24 12:21:51 -08:00
Eric Blankenhorn
1d16af4f32
Warnings and error fixes
2021-02-24 09:08:15 -06:00
toddouska
e471cba8df
Merge pull request #3780 from SparkiDev/tls13_key_up_resp
...
TLS 1.3: add API to tell if a KeyUpdate response is required
2021-02-23 11:57:10 -08:00
Juliusz Sosinowicz
d074e7443f
Remove default ticket cb as this will be added in another PR
2021-02-23 10:06:11 +01:00
David Garske
b5239f97c4
Fixes for warnings in Windows. Fix for failing wc_BufferKeyEncrypt with PBKDF disabled. ZD 11759.
2021-02-22 16:51:17 -08:00
Sean Parkinson
41c4a25b25
Merge pull request #3785 from embhorn/zd11752
...
Fix ret val for wolfSSL_BIO_set_ssl
2021-02-22 08:34:47 +10:00
Eric Blankenhorn
ebb2c7ae71
Fix ret val for wolfSSL_BIO_set_ssl
2021-02-19 16:35:01 -06:00
JacobBarthelmeh
8d7c61cf10
prep for Async release
2021-02-19 11:51:23 -07:00
Sean Parkinson
fa7b5f55ee
TLS 1.3: add API to tell if a KeyUpdate response is required
2021-02-19 10:21:08 +10:00
Sean Parkinson
ad58478d29
Merge pull request #3765 from embhorn/zd11703
...
Validate name size
2021-02-18 08:42:26 +10:00
Sean Parkinson
276e090a1f
Merge pull request #3763 from embhorn/zd11726
...
Adding wolfSSL_CTX_get_TicketEncCtx
2021-02-18 08:35:03 +10:00
Eric Blankenhorn
caa39f78ae
Fix from review and leak in wolfSSL_X509_get_serialNumber
2021-02-17 13:53:30 -06:00
Eric Blankenhorn
608083f559
Add more checks for name->sz
2021-02-17 12:19:42 -06:00
Jacob Barthelmeh
4def38dd7e
fix build for apache without tls 1.3
2021-02-17 18:23:03 +07:00
Eric Blankenhorn
806b5d7d23
Validate name size
2021-02-16 14:58:58 -06:00
Juliusz Sosinowicz
89fd0b375b
Correctly read anon cipher run-time options
2021-02-16 14:27:19 +01:00
Juliusz Sosinowicz
9265c3f71f
Use native API for ticket callback
2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz
0ae1a8b8c5
Jenkins fixes
...
- Change pushCAx509Chain to an iterative implementation
- Fix variable names shadowing global names
2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz
e80158a96e
Set full chain with known CA's in wolfSSL_set_peer_cert_chain
2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz
b90862fa3f
Free OcspEntry.status only when the struct owns the pointer
2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz
26df833074
Compat layer session tickets
...
- OpenSSL uses an internal mechanism by default for session tickets. This is now implemented for OPENSSL_EXTRA in wolfSSL.
- Add testing of wolfSSL_CTX_set_tlsext_ticket_key_cb
2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz
9a1e54cfd5
Nginx 1.19.6 Fixes
2021-02-16 14:25:45 +01:00
Juliusz Sosinowicz
b63f43a2af
Nginx 1.19.6
...
- Implement X509_pubkey_digest
- Initialize entire WOLFSSL_X509_NAME struct to zero
- Set raw and rawLen when copying WOLFSSL_X509_NAME
2021-02-16 14:25:45 +01:00
Eric Blankenhorn
b7b07e1945
Adding wolfSSL_CTX_get_TicketEncCtx
2021-02-15 11:28:46 -06:00
Jacob Barthelmeh
0b0f370384
fix for haproxy and nginx build
2021-02-15 22:09:44 +07:00
Sean Parkinson
ba1c67843a
Merge pull request #3752 from JacobBarthelmeh/Jenkins
...
changes from nightly Jenkins test review
2021-02-15 16:32:40 +10:00
Sean Parkinson
505514415d
Merge pull request #3748 from JacobBarthelmeh/Testing
...
always check index into certs
2021-02-15 08:20:28 +10:00
Jacob Barthelmeh
1c852f60ab
fix for g++ build
2021-02-12 23:26:54 +07:00
Jacob Barthelmeh
0938a0055d
always use MAX_CHAIN_DEPTH for args->certs buffer
2021-02-12 15:18:14 +07:00
toddouska
f0ce6ada0f
Merge pull request #3702 from guidovranken/zd11603
...
Prevent dangling pointer in TLSX_Cookie_Use
2021-02-11 12:31:02 -08:00
toddouska
80b9949052
Merge pull request #3739 from kaleb-himes/FusionRTOS-Porting-R3
...
Fusion RTOS porting round 3
2021-02-11 12:25:55 -08:00
toddouska
39cb84de25
Merge pull request #3697 from julek-wolfssl/openvpn-2.5-missing-stuff
...
OpenVPN master additions
2021-02-11 08:56:45 -08:00
Jacob Barthelmeh
90140fc5a4
always check index into certs
2021-02-11 21:50:51 +07:00
toddouska
032cc1645c
Merge pull request #3713 from SparkiDev/tls_def_sess_ticket_cb
...
TLS Session Ticket: default encryption callback
2021-02-10 16:13:33 -08:00
toddouska
67b1280bbf
Merge pull request #3545 from kabuobeid/smime
...
Added support for reading S/MIME messages via SMIME_read_PKCS7.
2021-02-10 15:59:32 -08:00
kaleb-himes
223ba43c2c
Add debug message regarding failure
2021-02-10 12:15:43 -07:00
kaleb-himes
9e6ab4ab70
Address indendation, fix return on stub, remove warning
2021-02-10 11:26:29 -07:00
kaleb-himes
4c171524dd
Address missed CloseSocket item and revert some white space changes
2021-02-10 09:14:54 -07:00
kaleb-himes
7e428f90f2
Revert zero return, to be handled in stand-alone PR
2021-02-10 05:31:57 -07:00
kaleb-himes
15f9902e94
Address new file issue by Jenkins and peer feedback on return val of time
2021-02-10 04:16:34 -07:00
Sean Parkinson
794cb5c7a9
TLS Session Ticket: default encryption callback
...
Encrypts with ChaCha20-Poly1305 or AES-GCM.
Two keys in rotation.
Key used for encryption until ticket lifetime goes beyond expirary
(default 1 hour). If key can still be used for decryption, encrypt with
other key.
Private random used to generate keys.
2021-02-10 14:31:54 +10:00
kaleb-himes
89b97a0fbf
Implement peer feedback
2021-02-09 18:42:23 -07:00
toddouska
f63f0ccb94
Merge pull request #3740 from SparkiDev/tls13_one_hrr_sh
...
TLS 1.3: Only allow one ServerHello and one HelloRetryRequest
2021-02-09 14:59:10 -08:00
toddouska
9a7aba265a
Merge pull request #3716 from kaleb-himes/OE10_ACVP_OE13_ACVP_WPAA
...
OE10 and OE13 ACVP updates for armv8 PAA
2021-02-09 14:50:42 -08:00
Kaleb Himes
73d7709724
Update comment about location for porting changes.
2021-02-09 15:39:12 -07:00
kaleb-himes
6d23728a56
Fusion RTOS porting round 3
2021-02-09 15:33:06 -07:00
toddouska
250b59f8fd
Merge pull request #3688 from julek-wolfssl/correct-cert-free
...
Use wolfSSL_X509_free to free ourCert
2021-02-09 12:41:12 -08:00